figma

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and reads user-generated Figma content via the Membrane Figma connector (e.g., the "Get File", "Get File Nodes", and "Get Comments" actions described in SKILL.md), exposing the agent to arbitrary third-party content that could contain injected instructions.